Before you ask for people to help you preclude that anyone mailed in a large number of fraudulent ballots, I think it's fair to put to onus on you to describe how that actually could have happened. Start at step 1 and talk us through it: what does the "thousand ballot mail-in attack" look like? Bear in mind voters are registered with ID and proof of address into every state's voter rolls, states have records of when people die, and every election authority watches for duplicate votes; those are the table stakes mitigations you need to get past. Go ahead, I'm interested in hearing this out.
Probably the hardest one to catch is where they have access to the voter rolls and submit ballots in the names of people who were legitimately registered but didn't vote. The stealthier way to do that would be to have real-time access and then inject the ballots at the last minute in the names of people they know didn't vote, so there wouldn't be duplicates.
The scattershot method would be to predict who isn't likely to vote, e.g. because they didn't vote last time, and submit ballots in those names. Then they would have some duplicate ballots, but if the predictions about who wouldn't vote were mostly right, they could submit thousands of ballots and only have a small percentage of duplicates. There would be some duplicates, but then what do you do? You could throw out the duplicates, but one of the two was a legitimate ballot, and the majority of fraudulent ballots wouldn't be duplicated and would still get counted. It's also not obvious how to distinguish between whether a small percentage of duplicated ballots out of millions cast are a result of a single act of intentional fraud or many independent acts of incompetence.
Another alternative would be to register people who didn't request to be, e.g. people who are institutionalized and a worker at the institution is in a position to register them and then intercept their ballots and submit them.
Some privileged positions would allow someone to do this at greater scale, e.g. postal workers. A postal worker in a high density city could have many thousands of residences on their route, each with multiple eligible voters. Get a copy of the voter rolls, register every eligible voter on their route who isn't already in there, use their real social security numbers obtained from a copy of the Equifax leak or similar, then request mail-in ballots to take and submit.
1. You have to get the actual ballot for the people who haven't voted (you have to request that ballot, of course). You can't just fill them out from a template.
2. To register, you need enough information to steal someone's identity. In states like PA, the first time you vote after registering, you have to present photo ID.
3. The largest mental institution in the United States houses 1,400 inpatients. In the implausible event that you were able to somehow vote for all of them without being detected, you'd have flipped none of the states this cycle.
